PT-2018-9198 · Microsoft+2 · Windows 2008+4
Wflki
·
Publicado
2018-01-23
·
Atualizado
2023-10-05
·
CVE-2018-1000006
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
GitHub Electron versions 1.8.2-beta.3 and earlier
GitHub Electron versions 1.7.10 and earlier
GitHub Electron versions 1.6.15 and earlier
Description:
The issue is related to a vulnerability in the protocol handler of Electron apps running on Windows 10, 7, or 2008. If an Electron application registers a custom protocol handler, it can be tricked into arbitrary command execution when a user clicks on a specially crafted URL. This vulnerability is caused by a failure to sanitize additional arguments to Chromium in the command line handler for Electron. The estimated number of potentially affected devices is not provided.
Recommendations:
For GitHub Electron versions 1.8.2-beta.3 and earlier, update to version 1.8.2-beta.4 or later.
For GitHub Electron versions 1.7.10 and earlier, update to version 1.7.11 or later.
For GitHub Electron versions 1.6.15 and earlier, update to version 1.6.16 or later.
If updating is not possible, append
-- as the last argument when calling app.setAsDefaultProtocolClient to prevent Chromium from parsing further options. For example:javascript
app.setAsDefaultProtocolClient(protocol, process.execPath, [
'--your-switches-here',
'--'
])Exploit
Correção
OS Command Injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Chromium
Github Electron
Windows 10
Windows 2008
Windows 7